Apache Hadoop 3.1.0, 3.0.0-alpha to 3.0.2, 2.9.0 to 2.9.1, 2.8.0 to 2.8.4, 2.0.0-alpha to 2.7.6, 0.23.0 to 0.23.11 is exploitable via the zip slip vulnerability in places that accept a zip file.

References

bugzilla.redhat.com/show_bug.cgi?id=1593018

www.cve.org/CVERecord?id=CVE-2018-8009 https://nvd.nist.gov/vuln/detail/CVE-2018-8009

veracode 1

osv 2

ibm 8

nvd 1

openvas 4

prion 1

cvelist 1

cve 1

github 1

fedora 3

nessus 1

checkpoint_advisories 1

redhat 1

veracode

Arbitrary File Write

2018-06-06 05:41:04

osv

CVE-2018-8009

2018-11-13 21:29:00

Path Traversal in Hadoop

2018-12-21 17:50:29

ibm

Security Bulletin: Due to use of Spark from Hadoop, IBM Cloud Pak for Multicloud Management Monitoring could allow a remote attacker to traverse directories on the system.

2023-09-05 10:36:31

Security Bulletin: IBM QRadar Incident Forensics is vulnerable to using component with known vulnerabilities

2020-10-07 20:58:51

Security Bulletin: IBM InfoSphere Information Server is affected but not classified as vulnerable to multiple vulnerabilities in Apache Hadoop

2023-05-17 21:55:26

nvd

CVE-2018-8009

2018-11-13 21:29:00

openvas

Apache Hadoop Zip Slip Vulnerability (CVE-2018-8009)

2018-11-14 00:00:00

Fedora Update for hadoop FEDORA-2018-f1f44e4c6d

2018-12-13 00:00:00

Fedora Update for hadoop FEDORA-2018-beec9e3fda

2019-05-07 00:00:00

prion

Code injection

2018-11-13 21:29:00

cvelist

CVE-2018-8009

2018-11-13 21:00:00

cve

CVE-2018-8009

2018-11-13 21:29:00

github

Path Traversal in Hadoop

2018-12-21 17:50:29

fedora

[SECURITY] Fedora 29 Update: hadoop-2.7.7-1.fc29

2018-12-09 21:02:57

[SECURITY] Fedora 28 Update: hadoop-2.7.7-1.fc28

2018-12-09 21:02:07

[SECURITY] Fedora 28 Update: hadoop-2.7.6-4.fc28

2018-07-15 03:34:22

nessus

Fedora 28 : hadoop (2018-e5a8b72d0d)

2019-01-03 00:00:00

checkpoint_advisories

ZIP Slip Arbitrary File Overwrite Remote Code Execution (CVE-2018-1002200; CVE-2018-1002201; CVE-2018-1002203; CVE-2018-1002204; CVE-2018-1002205; CVE-2018-1002206; CVE-2018-1002207; CVE-2018-1261; CVE-2018-8008; CVE-2018-8009; CVE-2021-43555)

2018-06-06 00:00:00

redhat

(RHSA-2019:3892) Important: Red Hat Fuse 7.5.0 security update

2019-11-14 21:15:16

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.023 Low

EPSS

Percentile

89.8%

JSON

Related for RH:CVE-2018-8009